Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/1-i-643YGFxJGPupHXvgccRdoN0Y.roa
File: 1-i-643YGFxJGPupHXvgccRdoN0Y.roa (raw, json)
Hash identifier: NnSkDr0FNwZF62D3sXXurJArU+t1tf+JObk5NM93R1E=
Subject key identifier: FA:2F:BA:E3:76:06:17:12:46:3E:EA:47:5E:F8:1C:71:17:68:37:46
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 018571278D1BE19388217B5523A7FE3933DA
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/1-i-643YGFxJGPupHXvgccRdoN0Y.roa
Signing time: Mon 02 Jan 2023 06:24:55 +0000
ROA not before: Mon 02 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58139
IP address blocks: 188.93.241.224/29 maxlen: 29
91.219.182.0/24 maxlen: 24
91.219.180.0/24 maxlen: 24
91.219.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8d:1b:e1:93:88:21:7b:55:23:a7:fe:39:33:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Jan 2 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2fbae376061712463eea475ef81c7117683746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:b4:7e:42:6f:2b:b2:61:9e:3d:66:40:00:
b2:61:db:c0:81:8a:de:9f:94:15:b3:8c:37:49:88:
d2:af:02:57:a1:bf:8a:40:ff:e9:07:0b:6f:87:a6:
42:02:70:47:0a:a4:02:41:82:c3:57:3c:d8:8a:c3:
f5:d0:fd:d1:2f:3e:c7:95:2a:b5:fa:65:dc:68:61:
97:85:53:06:64:ae:4e:f5:21:34:2d:5f:54:8b:f9:
c9:86:8d:a7:fd:dd:1e:23:d7:fa:3d:81:4b:50:2e:
3b:50:f3:fc:4e:b2:f3:ee:f2:42:59:51:8f:9c:45:
7d:cd:14:74:63:62:b1:a0:71:44:60:cf:98:ed:f7:
24:72:d5:28:c6:af:ec:da:2e:11:90:48:84:f6:7b:
ca:32:03:10:00:5c:5b:cf:bd:75:8a:0a:d3:a1:7e:
99:57:3c:df:05:1e:93:f0:79:e8:a1:69:ad:e1:c4:
37:9e:ed:c5:f8:e0:4a:59:79:95:6d:9b:3c:b2:66:
10:9d:9c:f2:2e:ec:72:ce:9e:1c:73:ad:31:b2:be:
b3:a3:42:cd:d5:a0:e1:fe:65:cd:a1:7c:1f:24:67:
b2:8c:17:b4:66:b9:9b:f1:42:ff:52:e5:5f:a9:be:
90:ae:82:1e:03:2c:87:1e:e7:45:70:92:10:56:ed:
23:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2F:BA:E3:76:06:17:12:46:3E:EA:47:5E:F8:1C:71:17:68:37:46
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/1-i-643YGFxJGPupHXvgccRdoN0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.180.0-91.219.182.255
188.93.241.224/29
Signature Algorithm: sha256WithRSAEncryption
64:d9:9c:a4:4f:6d:01:3e:0d:7c:3b:9a:42:31:5a:7d:45:bd:
9c:b8:41:fc:87:ed:d3:9d:1f:ac:62:f8:3f:b0:49:08:9f:38:
c6:2d:b3:77:f5:bd:fb:47:28:dd:d9:b6:2d:49:9e:bd:ee:ef:
14:b3:80:d3:f6:dc:d9:e3:e1:c8:44:32:83:e9:03:64:53:da:
56:07:63:eb:fb:dc:62:8b:c3:39:a7:6d:ec:1d:19:48:f6:70:
e8:2b:73:62:de:fe:b3:14:36:f0:1f:d1:c4:5f:d2:c1:3c:dd:
b7:d9:8b:bd:be:f2:36:56:77:83:8d:3e:19:50:15:22:c1:c3:
dc:7e:8e:25:3f:d9:e3:ba:76:85:b4:52:de:5d:cc:41:12:8b:
5f:5f:53:94:81:4b:b6:b0:81:84:95:11:ff:23:e9:29:46:3c:
59:e3:2c:d5:82:53:e0:cd:9e:c2:6e:e2:bc:20:a2:88:cc:36:
34:44:3b:93:dc:fa:18:c7:97:38:83:6e:90:2b:d7:3e:ce:05:
ad:ef:6c:2a:d6:4a:e8:0b:4a:c8:c2:7e:5f:d5:be:4b:f4:f9:
7d:67:8e:c8:35:eb:46:23:4a:5e:7a:6d:88:fb:a1:ed:64:b6:
0d:11:e0:1c:a0:d2:19:10:82:20:b6:af:b3:e2:96:91:1a:0e:
f7:5c:e9:27
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxJ40b4ZOIIXtVI6f+OTPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjMwMTAyMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJmYmFlMzc2MDYxNzEyNDYzZWVhNDc1ZWY4MWM3MTE3NjgzNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA+0fkJvK7Jhnj1mQACyYdvAgYre
n5QVs4w3SYjSrwJXob+KQP/pBwtvh6ZCAnBHCqQCQYLDVzzYisP10P3RLz7HlSq1
+mXcaGGXhVMGZK5O9SE0LV9Ui/nJho2n/d0eI9f6PYFLUC47UPP8TrLz7vJCWVGP
nEV9zRR0Y2KxoHFEYM+Y7fckctUoxq/s2i4RkEiE9nvKMgMQAFxbz711igrToX6Z
VzzfBR6T8HnooWmt4cQ3nu3F+OBKWXmVbZs8smYQnZzyLuxyzp4cc60xsr6zo0LN
1aDh/mXNoXwfJGeyjBe0Zrmb8UL/UuVfqb6QroIeAyyHHudFcJIQVu0jUQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPovuuN2BhcSRj7qR174HHEXaDdGMB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvMS1pLTY0M1lHRnhKR1B1cEhYdmdjY1Jkb04wWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmQvN2Y4ODIxLTE1NjYtNDNmNC1hYjI2LTNkNTIyMTgxYTJj
NC8xL3ZycEl4LUxKNEY3YVZHMkprVWE0bjNtZC1GMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wGwQCAAEwFTAMAwQCW9u0
AwQAW9u2AwUDvF3x4DANBgkqhkiG9w0BAQsFAAOCAQEAZNmcpE9tAT4NfDuaQjFa
fUW9nLhB/Ift050frGL4P7BJCJ84xi2zd/W9+0co3dm2LUmeve7vFLOA0/bc2ePh
yEQyg+kDZFPaVgdj6/vcYovDOadt7B0ZSPZw6CtzYt7+sxQ28B/RxF/SwTzdt9mL
vb7yNlZ3g40+GVAVIsHD3H6OJT/Z47p2hbRS3l3MQRKLX19TlIFLtrCBhJUR/yPp
KUY8WeMs1YJT4M2ewm7ivCCiiMw2NEQ7k9z6GMeXOINukCvXPs4Fre9sKtZK6AtK
yMJ+X9W+S/T5fWeOyDXrRiNKXnptiPuh7WS2DRHgHKDSGRCCILavs+KWkRoO91zp
Jw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:08 2025 by rpki-client